POST /public_api/v1/audits/management_logs/
- Response is concatenated using AND condition (OR is not supported).
- Maximum result set size is 100.
- Offset is the zero-based number of incidents from the start of the result set.
Get audit management logs.
CURL
curl -X POST \
-H "Accept: application/json" \
-H "Content-Type: application/json" -H "authorization: {{api_key}}" -H "x-xdr-auth-id: {{api_key_id}}" \
"https://api-}/public_api/v1/audits/management_logs/" \
-d '{
  "request_data" : {
    "search_from" : 0,
    "next_page_token" : "next_page_token",
    "filters" : [ {
      "field" : "email",
      "value" : 0,
      "operator" : "in"
    }, {
      "field" : "email",
      "value" : 0,
      "operator" : "in"
    } ],
    "sort" : {
      "field" : "timestamp",
      "keyword" : "desc"
    },
    "search_to" : 0,
    "use_page_token" : true
  }
}'
Request headers
- authorization (required, String): api-key. Example: {{api_key}}
- x-xdr-auth-id (required, String): api-key-id. Example: {{api_key_id}}
Request
Body (required)
Note: You can send a request to retrieve either all or filtered results.
- request_data (required, Object)
  - filters (optional, Array of objects)
    - field (optional, String, Enum). Allowed values: email, type, sub_type, result, timestamp, audit_id
    - operator (optional, String, Enum). Allowed values: in, neq, eq, lte, gte
    - value (optional, Integer)
  - search_from (optional, Integer)
  - search_to (optional, Integer)
  - sort (optional, Object)
    - field (optional, String, Enum). Allowed values: sub_type, result, timestamp, audit_id, type
    - keyword (optional, String, Enum). Allowed values: ASC, asc, DESC, desc
  - use_page_token (optional, Boolean)
  - next_page_token (optional, String): This attribute is only returned if use_page_token is provided in the request with value true.
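The request schema and the 100-record limit above, worked into a paged request builder. This is an added example, not code from the API vendor: `build_request`, `fetch_all` and `fake_send` are hypothetical names, `send` stands in for the authenticated HTTPS POST and is assumed to return the list of records, `search_to` is assumed to be an exclusive end offset, and the sample records and timestamp value are constructed.

```python
import json

# Enum values copied from the request schema on this page.
FILTER_FIELDS = {"email", "type", "sub_type", "result", "timestamp", "audit_id"}
OPERATORS = {"in", "neq", "eq", "lte", "gte"}
SORT_FIELDS = {"sub_type", "result", "timestamp", "audit_id", "type"}
SORT_KEYWORDS = {"ASC", "asc", "DESC", "desc"}
MAX_PAGE = 100  # documented maximum result set size
SAMPLE = [{"audit_id": i} for i in range(230)]  # constructed records

def build_request(filters=(), search_from=0, search_to=MAX_PAGE,
                  sort_field="timestamp", sort_keyword="desc"):
    """Validate inputs locally and return the JSON body for one window."""
    for f in filters:  # the API ANDs every filter; OR is not supported
        if f["field"] not in FILTER_FIELDS or f["operator"] not in OPERATORS:
            raise ValueError(f"unsupported filter: {f}")
    if sort_field not in SORT_FIELDS or sort_keyword not in SORT_KEYWORDS:
        raise ValueError("unsupported sort")
    # Assumption: search_to is an exclusive end offset.
    if search_from < 0 or not 0 < search_to - search_from <= MAX_PAGE:
        raise ValueError("window must cover 1 to 100 records")
    return {"request_data": {
        "filters": list(filters),
        "search_from": search_from,
        "search_to": search_to,
        "sort": {"field": sort_field, "keyword": sort_keyword},
    }}

def fetch_all(send, filters=(), limit=1000):
    """Request consecutive windows until a short page or `limit` records."""
    records = []
    while len(records) < limit:
        start = len(records)
        body = build_request(filters, start, min(start + MAX_PAGE, limit))
        batch = send(body)  # hypothetical transport: returns a list of records
        records.extend(batch)
        if len(batch) < body["request_data"]["search_to"] - start:
            break  # short page: end of the result set
    return records

def fake_send(body):
    """Constructed stand-in for the HTTPS POST; slices the sample records."""
    rd = body["request_data"]
    return SAMPLE[rd["search_from"]:rd["search_to"]]

if __name__ == "__main__":
    since = [{"field": "timestamp", "operator": "gte", "value": 1700000000000}]
    print(json.dumps(build_request(since), indent=2))
    print(len(fetch_all(fake_send, since)), "records fetched")
```

Rejecting an unsupported field, operator or oversized window before the call keeps a collection job from silently pulling an incomplete audit trail.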
Responses